Visitor Management: The ‘Last Frontier’ in Electronic Access

Visitor management systems can vary widely from a paper log to fully integrated with the access control system.

by Karyn Hodgson, SDM Magazine

Visitor management used to consist of a paper logbook at the reception desk. While this is still the case for many, particularly smaller facilities, more and more end users are entering the digital age when it comes to their visitors.

“More end users are looking to automate,” says Rick Focke, senior product manager, access control, building technologies and solutions, Johnson Controls, Westford, Mass. “There is more of a self-service mentality. It comes down to cost. They want to trim budgets while maintaining a good visitor experience, consolidate reception areas and do more things ahead of time. There may still be a person there, but there used to be three.”

Derek Arcuri, product manager for access control, Genetec, Montreal, adds, “I definitely see there is more of an adoption for the enhanced visitor management because of the benefits it has for the organization. When you are dealing with a lot of visitors, it is not only the operational efficiency, but that greeter at the front door doesn’t have to be constantly busy with visitors. The pre-visitor management can help them become not only more efficient but also more secure by running background checks.”

There will be opportunity out there for upgrades for the foreseeable future, whether that is with an independent stand-alone system, an integrated partnership or an embedded feature, says Steve Bardocz, president and CEO, Savance EIO Board, Commerce, Mich. Savance integrates with manufacturers such as Keri Systems, Brivo and others, he explains.

“I see there are still a lot of end users that are paper-based,” he says. “As more organizations move critical aspects to digital they realize there is this opportunity to move this, too. They start to think, ‘How am I going to muster if I have paper sheets?’ There are other decisions that drive that as well. I see the trend moving slower than we expected, to be honest. But I don’t think it is going to decline. As organizations move more into the digital realm and rely on other business needs like auditing, mustering or security, the visitor management starts to pick up.”

Integrators Dave Sweeney, COO, and John Gampp, chief engineer, Advantech, Dover, Del., have seen this as well. “We have seen an uptick in interest in visitor management from our customers over the last three or four years,” Sweeney says. “That can be attributed to a few different things. One, I believe the visitor management solutions have improved tremendously, so they are more feature-rich and user friendly. Another is the fact that our customers have gone and installed all the cameras and card readers they need. It is the next logical expenditure to improve physical security.”

Today’s Visitor Management

There are three primary types of automated visitor management systems today: stand-alone systems sold through the channel or direct to the end user; third-party systems that have formed tight integrations with access control systems; and security manufacturers that have embedded visitor management or even separate systems that are designed to work seamlessly with their access control systems.

“It is tough to speak for others, but from my knowledge being in the industry, the majority of medium to large-sized companies have a similar approach to visitor management,” says end user Bret DuChateau, corporate security, Northwestern Mutual, Milwaukee. “Overall, companies more than ever want to know who is in, how often they are in, who is pre-registering. That starts changing behaviors, too, to help streamline processes at busy lobby desks. If you can predict that on Thursday one lobby will expect 200 people between 8:00 and 8:30 so you want to float an additional security person to help out, that improves the client experience as well.” DuChateau recently worked closely with Torrance, Calif.-based access control manufacturer AMAG to provide feedback on its revamped visitor management offering, Symmetry Guest. (See “Visitor Management: One End User’s Perspective” online at www.SDMmag.com/visitor-management-last-frontier.)

Focke notes a trend in recent years toward more self-service, whether that is a kiosk in the lobby or tablets or QR codes on the smartphone — similar to airport check-ins. “Traditionally visitor management had to be operated by a receptionist who then gave people cards, took a picture, scanned a driver’s license, etc. But now they are following the lead of airports. They are asking us for self-service, especially at remote or small sites. There may be one person handling 10 different buildings through network links and video displays.

“There is also a trend towards a wider range of credentials. That could be anything from a standard temporary badge to QR codes being emailed, to mobile credentials being provisioned ahead of time. The aim is to speed up the process when the visitor does arrive, so they have been pre-vetted and have their credential already.”

Phil Mantia, senior account manager, STOPware Inc., Pleasanton, Calif., notes that visitor management technology has changed in recent years. “The devices are different. A few years ago traditional visitor management was someone goes to a desk and a security person would register them. Now there are mobile devices, or kiosks. It is typical that it prints out a badge using the QR code, and we see a lot of customers now using the kiosk interface on the tablet as well.” The company’s PassagePoint solution integrates with many access control systems, he says.
It really boils down to the end user’s needs, Bardocz says. “If the need is very basic where it is no more than replacing a sign-in sheet and budget is an issue, the [typical] built-in visitor management will probably be the best bet. If you are looking for something that will be an integral part of your business and improve operations, you may want to upgrade to a more interactive visitor management system.”

Taking a different approach, HID, Austin, Texas, actually just added a new product to its EasyLobby offering, also aimed at making this transition easier. “EasyLobby Solo is a streamlined version designed to smooth the transition for small and large organizations moving from a traditional guest book to an automated, digital visitor management solution,” says Nils Walander, senior product marketing manager, HID Global. “In addition to facilitating a more professional image, organizations are able to increase security for visitors and employees by better managing who is entering and leaving the premises.”

While applications can range from the simple to the extremely complex, the key to any of them from the end user perspective is they must be simple to use, adds Jeff LeBlanc, vice president client services, AMAG Technology. “Providing an intuitive user interface and multiple ways to manage visitors is key to promoting buy-in within an organization. Calendar integration, access control integration, smartphone and tablet access, QR code and driver’s license scanners are all tools that help to simplify things.”

Game Changers

While there are many ways to provide visitor management today, there are some things beginning to change, from more use of the cloud and smartphones, to large manufacturers deciding to provide even more functionality to their embedded offerings.

Many of Genetec’s larger customers were asking them to add more visitor functionality, something the company is working toward launching sometime in the first quarter of 2018, Arcuri says. “We are a big advocate of the unified story and a lot of our customers were telling us they have to work with one of our partners to get this extended functionality, so where does the unified story stop? We looked at that and said there is a bigger adoption for identity and access management solutions. Let’s make that part of the experience.”

AMAG and Johnson Controls have also recently made significant efforts to enhance their visitor management offerings.

“In the last two years Software House has really upped our game in visitor management,” Focke says. “We offer, in my opinion, a very rich add-on to the system for visitors. It’s part of the native system, which offers the benefit of a common database, history log, interface, etc. It is not cloud-based now, but as our standard software moves to the cloud this will move as well.”

Cloud is another key factor, Mantia adds. “Cloud is becoming critical for access control and inherently for visitor management. There is the trend away from manned stations and more into a hybrid where you have a kiosk and limited interaction with the visitor.”

DuChateau appreciates that AMAG’s visitor management system is cloud-based. “Their system communicates with the access control system, which translates to we can provision this person access for this building and it does it instantly.”

Opportunity Knocks

Here is some advice for integrators on choosing and selling the right solution for your customer.

“The first thing anyone needs to know when selecting a visitor management system for a particular customer is what problems, policies and compliance needs the organization is facing today when it comes to processing visitors in their lobbies,” says AMAG Technology’s Jeff LeBlanc. “Sometimes integrators are more focused on the installation of the application and peripherals and the immediate problems the system will solve, but miss the analysis of an organization’s policies and ensuring the visitor management system can handle enforcing these policies.”

Johnson Control’s Rick Focke compares it to a good paint job. “The more prep work you do, the better the paint job. You want to keep it really simple for the actual visitors. Ask, ‘What are your requirements, Mr. end user? Which questions do you want to have asked to the visitor?’ Map it out ahead of time.”

He adds that there is a clear line of demarcation when it comes to the level of integration with the access control system.

Phil Mantia of STOPware says some integrators can underestimate visitor management. “Sometimes it is thought of as just a badge-making program, but maybe they want to send a credential to a phone, or notify the employee automatically or cross reference to a watch list. On a bad implementation these questions don’t get asked.”

Advantech’s Dave Sweeney says that as an integrator, visitor management is definitely an area of opportunity. “We deal with a lot of customers that have record-keeping requirements and believe it or not, the visitor log is the last thing that is still analog on paper. It is a wonderful opportunity to finish our customer’s conversion to a digital, paperless society.”

Checklist for Integrators

STOPware provides a global checklist to its integrators to help them better identify customers’ visitor management needs:

• How many users will be processing visitors?
• What type is your organization?
• Do you have a list of hosts you want to link to in real-time?
• Do you want employees to be able to pre-register visitors?
• Would you like all locations to be administered from one location?
• Do you need to give visitors access control cards?
• Do you require screening visitors against various registries?
• Do you require reading of PIV cards?

Visitor Management: One End User’s Perspective

For Northwestern Mutual, Milwaukee, visitor management had always been rather ad-hoc. That changed with the decision to add on to its downtown campus, and the opportunity to be part of a user group for a manufacturer that was looking to increase the functionality of its visitor management offering.

“We had just undertaken building on to our campus by connecting to a 32-story tower,” says Bret DuChateau, corporate security. “That was the driver to migrate away from paper credentials to a more formalized visitor management solution.

“We went from a couple of stand-alone systems that were run independently to making a strategic decision to go with an enterprise-class system about three years ago.”

DuChateau says working with AMAG Technology grew out of the company’s relationship with them for their access control system. “When we started discussions we knew they had a visitor management system that would suffice in the near term but we also knew they were working on Symmetry Guest as their cloud-based version. It was hugely advantageous for us to collaborate with them on system design and feature sets and be able to roll that out to our enterprise practically a year before opening the tower.”

The collaboration included giving feedback to the manufacturer, particularly about user friendliness and the overall experience for the user and the visitor, he adds. “We were able to give them real-life use cases such as ‘It would be nice if the system could do this or provide that. When you are at a lobby and 40 people walk up it would be nice if you can do rapid check-in, for example…. We have a lot of people that share admin responsibilities. What does that process look like for them? How logical is the system for me to register? All of those little things add up to being a really good end solution for companies.”

Now that the system is released, DuChateau says the relationship is ongoing. “We are still giving feedback. We are still on weekly calls and putting ideas on backlogs to be put in future releases.”

Read the original article at SDM Magazine.

Integrators ’20 under 40′ 2017—Brian Thomas

Brian J. Thomas, 38

President and CEO, A3 Communications

Irmo, S.C.

Brian Thomas has always been around the security industry, as his father Joe Thomas founded A3 Communications in 1990. “Our company started out as a small IT/networking organization based out of Columbia that served small businesses throughout South Carolina,” he said. “We have always prided ourselves in being flexible and adaptive to our clients’ demands as their technology needs evolve. Our clients’ demand has consistently driven our service offerings and we have expanded over the years to meet their specific needs.”

When the financial crisis occurred in 2008-2009, Thomas said the company made a strategic shift to focus its offerings more toward stable verticals including state government, education and enterprise commercial.

“During this transition, IP-based security solutions were becoming more viable and it was a natural offering for us to pursue with our deep understanding of the network and how to successfully deploy IP endpoints,” he noted. “Today, we are a regional systems integrator with international reach from our seven office locations throughout the Southeast and our international partner network through Security Net.”

Thomas believes that biometrics and cloud-based solutions are two technologies that “are going to be very disruptive in our industry,” he said. “However, I believe they both bring great opportunities for end-users and integrators if you are properly prepared.”

For ways to attract more young talent, he noted, “Educating them on how the security industry is now the IT industry is key. The days of analog solutions are long past. Clients now demand that their security systems are fully integrated with all of their systems throughout the network. With this sea change comes opportunity. If this is properly conveyed to the younger generation, they will be knocking on your door.”

Read the original article at Security Systems News.

5 Big Trends Affecting the Enterprise

Enterprise customers often have unique needs and approaches to security. How will some of the top trends such as mobile credentials, cloud, big data, IoT and cybersecurity affect these larger customers?

by Karyn Hodgson, SDM Magazine

Large enterprise access control customers have been pushing for several years for more open, non-proprietary security systems. Many found themselves “stuck” when large manufacturers went out of business or a particular system reached end of life and there was no easy upgrade path.

Indeed, when Christopher Lessard, safety and security director for Nashua Public School District, Nashua, N.H., updated the district’s access control system in 2014, this was a primary consideration. “We felt very strongly about it being non-proprietary. Some systems we had in place were proprietary, and they tied our hands. They really got a chokehold on you and we did not want to deal with that anymore.”

At the same time, technology has offered many more connection options — such as wireless, PoE, Bluetooth — to customers large and small, opening up the possibility of adding on to systems in a more cost-effective manner.

As these trends continue to proliferate, they may help set up enterprise customers for the next big thing in security. But what will that be? Will it be the new mobile credential options? Is the cloud becoming a more viable option for larger customers? Big data and business intelligence have the potential to really help enterprise customers, but are they adopting it yet? Beyond that, the Internet of Things is another big buzzword lately. And lastly, none of these trends are happening in a vacuum; looming over any new technology purchase or decision is the specter of cybersecurity and making sure all these things that touch the network don’t open up vulnerabilities.

“The one trend I would say is not always spelled out in these discussions is the continued overlap and blending of network and physical security,” says Chris Hobbs, director of enterprise partner business development, ASSA ABLOY Door Security Solutions, New Haven, Conn. “When you are talking about security — the standards, the delivery, the support, the installation — you see how the definition for scope of work trends toward inclusion in the network security conversation.”

Access control systems need to evolve into a platform to manage the Internet of Everything (IoE), says Jerry Glynn, CIO, American Direct, Lenexa, Kan. “To be effective at this, it is essential that these systems connect to the IoT and have the ability to collect and correlate data of ‘big data’ type capabilities.

“The world is increasingly becoming connected over wireless networks and devices embedded in everything. This trend will result in a ‘tipping point’ where it will be possible to easily connect to and communicate with almost anything in our environment.”

As that happens, the following five trends will increasingly come into play for enterprise customers. Let’s take a closer look at how enterprise customers are reacting to them and preparing for the future.

1. MOBILE CREDENTIALS
Mobile credentials — placing the access control credential onto a mobile phone — are still in the very early phase of adoption for all types of customers. Because of scale, enterprise customers may face additional challenges adopting it; but this trend could ultimately help keep costs down.

“We think mobile credentials are the future, and it is only a matter of time until people get more and more comfortable with them,” says Derek Arcuri, product marketing manager, Genetec, Montreal. But there are challenges. “If I am an employee and I have to bring my own phone, do I want my phone to have to be responsible for that? It is a little bit of a mindset change. At the hardware level you have to have a Bluetooth or NFC chip enabled. Once those hurdles are passed and more and more manufacturers support enrolling, I think the market will head steeply upward. One day mobile credentials will be our future.”

Richard Goldsobel, vice president of Continental Access, Napco Security Technologies, Amityville, N.Y., sees mobile credentials starting to take hold already, but notes there are some challenges still. “It is definitely proliferating,” he says. “The tough part is consistency across implementation, even within one enterprise. Here at Napco we have mobile credentials we use with [certain locks]. And that is great for those locks, but we are in a mix-and-match situation with readers. Depending on the size of the enterprise and what they are after, the logistics and cost are still mind-boggling for end users to wrap their head around. But everybody asks about it and everybody wants it.”

That is because mobile credentials represent convenience. But it must be tempered with security, particularly at the enterprise level, says Justin Wilmas, senior director of sales, North America, AMAG Technology, Torrance, Calif. AMAG recently introduced its own mobile credential solution. “We know convenience is going to drive this market, but security is so important as well. I would say we are still in the early-adoption phase and it does present a lot of things they need to look at before they deploy them.”

Christopher Kieta, senior director of sales, Securadyne Systems, Dallas (SDM’s 2016 Systems Integrator of the Year), has an interesting take on what will prompt enterprises to adopt mobile credentialing. “This is a huge trend and it is going to be driven by millennials. It is about one thing, and that is the user experience. Go to any major university campus that is focused on growing their enrollment and attracting students and they are focused on being the campus of the future. People want their cellphone to be the answer to getting into their dorm room, and I think you will see increasing proliferation in that market. I don’t think it will jump in leaps and bounds but there will be a real steady uptick.”

When it does, enterprise customers will realize the other benefit to mobile credentials: efficiency and cost, Hobbs says. “Mobile credentials have become much more consumable, and that affects a number of things: It changes and improves overall business operations by allowing customers to more efficiently manage their workforce with how they distribute credentials. Mobile credentials also impact how enterprise customers utilize visitor management systems, contracted employees and their own mobile workforce. The functionality of sending a secure credential via email as opposed to having them report to an office dynamically changes how people can improve the security of their system and manage it much more effectively.”

2. CLOUD
The cloud has traditionally been relegated to small and medium-sized businesses, particularly where it can be hosted or managed by the integrator in place of an on-site security or IT person. However, as many other things go “cloud” from banking to IT systems, the enterprise is beginning to find ways to utilize it and still meet their needs.

“As a computing option, the cloud offers a whole host of benefits, including the ability for enterprises to access and use IT resources as a utility, as opposed to building and maintaining their own computing infrastructures in-house,” says Mitchell Kane, president, Vanderbilt, Parsippany, N.J.

“What we’re seeing is that clients like the idea of having a platform optimized to run in a cloud environment,” reports integrator Henry Hoyne, CTO, Northland Control Systems Inc., Milpitas, Calif. “However, not all want to pay the premium of having it cloud-hosted. Tech-savvy clients may have their own private cloud to which they could host and manage the platform on their own. But overall I do believe that cloud will continue to grow and have a prominent place in our industry.”

Cloud is becoming king, Goldsobel says, adding that for the right customer, it makes sense, but it is not for everyone yet.

Arcuri agrees. “We think the adoption of cloud is rather high in the enterprise market, but somewhat sporadic based on the configuration of the customer. I have found high adoption in oil and gas customers, for example. … Why these customers were interested was they have humongous corporate offices and a wealth of smaller sites with five to seven doors. Do you really want a server at all those sites?”

Kieta reports that there are an increasing number of enterprise customers from all industries heading in that direction. “Customers are warming up to the cloud because everybody understands the cloud now,” he says. “More importantly, this cloud proliferation is probably the single biggest needle mover in aligning the access control industry with the IT culture. You will see IT departments saying, ‘We have made a decision that we don’t want to buy any more applications that will run on a server here.’”

For larger enterprise customers, when they go that direction it will be reflective of whatever their IT culture is, Kieta adds. “The closer their core business is to the cloud, the more cloud-centric they will be when they are asking you for new security things. But legacy security systems can be like a boat anchor for technology and if they know they have this enormous investment, a lot of times it won’t even come up. But it is treated like a boat anchor and they are just waiting for the day they can do it.”

3. BIG DATA
Big data, or business intelligence, would seem to be a no brainer when it comes to the enterprise. But the usability and value have to be there first in order for them to take a serious look at it.

“I call this the untapped goldmine,” Hoyne says. “Nearly every device we deploy is generating some sort of event and log. It’s being able to correlate that data into something meaningful that is key. Some of our clients have built their own correlation engines using sources from security, IT and others. This data can be used to create a profile of an employee, determine workspace utilization and detect suspicious activity between physical and logical access.”

Access control data can be used to provide a bigger picture look at an organization, Kane says. “Analyzing the patterns of employees and visitors coming and going can allow enterprises to determine energy usage levels and better address if there are ways to save in the long run.”

Access control systems produce a lot of data, Wilmas adds. “Access control is the foundation of the enterprise security operation because it controls when and where identities have access.”

But all this relies on the data being useable. “If not stored with intelligence, customers can quickly find themselves swimming in data,” says Michael DeMille, senior director of product management, Mircom, Toronto. “Big data is good if it can be used precisely and efficiently. The data should be purposeful, concise and easy to retrieve.”

That is why the risk assessment business has started to build dashboards to join data and analytics and make sense of all of the information, says John Nemerofsky, president, national programs, CGL Electronic Security, a Security-Net member company, Westwood, Mass. “For example, if you have a large amount of people traffic in building 4, how does that impact the manpower for that building and what about parking? You can now make business decisions from the information gathered.”

Kieta agrees enterprise customers are headed in that direction, but it may take something beyond the security industry to reach fruition. “I think there will be a convergence where you are taking sensory data out of devices in the access control world and bringing them into a data collection engine to identify macro trends. Down the road it won’t be driven by the access companies, but a Google-style company that understands how to be a force multiplier for a customer’s business.”

Glynn thinks this will be further driven by the IoT or more specifically the IoE. “As the Internet of Everything brings more and more endpoints and systems together, there will be a corresponding need to manage and act upon that data. Artificial intelligence, advanced analytics and data management will be the keys to leveraging all of the connected technology.”

4. IOT OR IOE
As noted above, there is definite correlation between the business intelligence or big data and the Internet of Things, which allows machine-to-machine direct communication, potentially significantly adding to the amount of data available.

While the IoT has been around for a few years now, when it comes to the enterprise, several experts prefer the term Internet of Everything or IoE.

“For the enterprise client it’s about more than the IoT; it’s about the Internet of Everything,” Glynn explains. “The IoE is becoming more of a reality every day where people, process, data and things are connected.”

Enterprise customers are starting to explore the possibilities the IoT provides, Hoyne says. “Lately we’ve had a number of requests wanting to know if it is possible to monitor the IoT devices that reside on their networks.”

The real boost will come when the IoT demonstrates how it can solve real-world problems, Goldsobel says. “When something solves a real problem, that is what drives every business, all the time.”

Kieta sees great potential in the IoT for enterprise customers, as well as for the function that integrators play for their customers. “If you look at LAX airport, for example, in their operations center they are also monitoring social media feeds and the health and operating environment for things like the moving walkways, escalators and matching those against expected passenger loads. That is how they use [IoT]. But the real rubber meets the road in how they handle servicing the facility.” That is the meat of the IoT from the integrator perspective, he says.

“Responding to a service call is the Fred Flintstone approach. If you want to improve your customer experience today you have to service things before they break; but how do you do that? If the device is intelligent, it can tell me that. Now I am using my IoT and my data in a truly meaningful way. But it is also less about security and more about driving business. If security is part of that equation, now I am not just this overhead expense but something that helps business function more fluidly. If I am collecting that data, service becomes proactive and that drives costs down. Once people really understand that you will start to see things change.”

However, the potential of the IoT is dampened by the need for more cybersecurity, Hoyne adds. “The industry is changing from the old analog ways of doing things. In the past you just had to worry about someone breaching your outer perimeter and inner portals to get to sensitive data. Now IoT devices can be the breach point into corporations where that data can be copied, or worse, without ever having to step on-site.”

Arcuri agrees. “We were talking to one of our larger customers in Texas and any time something was proposed to be added to the network, they said, ‘not until you prove it surpasses the cybersecurity centers we have in place.’ All these new devices that add functionality and connectivity are great. But at what cost? Larger organizations are always trying to reduce their surface of attack and cyber has to be at the forefront of every conversation as it relates to IoT. All these devices that offer that impeccable convenience are great, but the question should always be how secure are these devices? IoT ties directly into cybersecurity.”

5. CYBERSECURITY
The big kahuna of trends that has the potential to impact — positively or negatively — everything else is the rapidly increasing awareness and concern of what all these cool new technologies that touch the network do to the cyber vulnerability of the enterprise. Enterprise customers today frequently demand that integrators or their manufacturers answer a host of questions about the cyber hardening before considering anything new.

“The RFP usually goes to the integrator and the RFI to the manufacturer,” Wilmas says. “The information security department usually has a whole spreadsheet with tons of information around cyber encryption. That has increased a lot.”

Kieta points to constantly shifting and changing needs — the more deeply the customer gets into the project — which can slow everything down and take more time to get right. “Where the policy isn’t clearly defined now I am subject to more changes during the selling process so as they are looking to migrate to a new system or put things online they might have general requirements for that; but as they start to look more specifically at each device and how it touches the network, now they might have special privacy concerns about that biometric reader that didn’t get identified when they first talked to you. … Now the customer is going to start to ask new and different questions that I as an integrator may not necessarily know the answer to.” While the end result is a better and more secure system, it can be painful for all involved, he says.

Right now the onus is primarily on manufacturers to harden systems, including those that work with legacy products, Kane says. “With the rise in cloud technology and increased connectivity, encrypting communications between devices is paramount — and it starts with manufacturers, especially when legacy, new and different technologies are used together. A single insecure system or poor deployment of a solution can deem the entire system vulnerable to an attack.”

Hobbs agrees that manufacturers are changing how they approach things in response to cyber threats and demands from customers, including enterprise ones. “Cyber threats cause us to blend logical access control with physical access control, both tactically and strategically. In today’s world, industry and consumers are looking for solutions that blend secure credentials and logical access with traditional access control hardware.

“It’s also creating a sharper focus on the vulnerabilities around the businesses that we all participate in and serve. It used to be people, places and things. But now the systems are becoming more dynamic out of necessity. We are seeing more and more from the consumer’s perspective that these solutions we provide must have intelligence and be able to adapt to the environment that is changing so quickly.”

Hoyne is glad that the topic of cybersecurity is getting the attention it deserves, from manufacturers and others. “I’ve been to many events where entire segments have been dedicated to this topic. It is probably number one, next to features. If the product isn’t secure enough to be on a network, then clients are not willing to take that chance. … I recently had a client who was interested in a new access control platform. The first step was to see which of those satisfied their cybersecurity needs. That list dwindled down rather quickly, even though some of those platforms had features that the security teams needed.”

That has been Nemerofsky’s experience as well. “We just worked with a financial enterprise access control client that replaced their global access control platform for another after a vulnerability assessment identified it was not secure. They took that threat seriously and many end user customers are making cybersecurity a top priority.”

Cybersecurity needs to become a whole mind shift for all customers, Arcuri says, and larger enterprises are starting to move on that quickly. “Cybersecurity used to be a technical conversation. All of a sudden CEOs are involved because their employees and customers are at risk. We think it is an incredible thing if the customer’s first question is, ‘How secure is this product?’ We are seeing more and more of that in the enterprise space.

“Cyber threats now come up in every conversation when it comes to modernizing. In fact, many will modernize because there are multiple vulnerabilities detected. Cyber is a major driver of change. Mobile credentials are convenient; business intelligence is a sweetener; the cloud is something the market is heading to; and IoT brings convenience but also ties back to cyber threats. Cybersecurity is what is really shaping the market. It is important for enterprise customers to make sure cyber is ‘business back’ as opposed to just ‘technology forward,’ meaning it is part of their business DNA.”

Impacts Today & Tomorrow
SDM asked its experts which of these five top trends — mobile credentials, cloud, big data, IoT and cybersecurity — will have the biggest influence on enterprise customers in the short term and the long term. Here are some of their responses:

“I think cybersecurity will have the biggest impact in the short term. Any device that does not adhere to industry standards or trends will automatically get written off. Longer term I see big data having the greatest influence. There’s enormous potential there. The key is gaining access to the disparate systems and knowing what to do with it. ” — Henry Hoyne, Northland Control Systems Inc.

“Mobile credentialing probably has the most immediate play because it is fun. If I was going to get behind a trend right now and build a sales campaign, that is the one I would pick because I can see what is going to happen. But the biggest, larger impact is probably going to be the IoT because it is potentially a force multiplier for you. It will help you build your business.” — Christopher Kieta, Securadyne Systems

“In today’s enterprise, they are already facing all five of these but to varying degrees. Cyber threats will just continue to rise. Big data will grow and be intricately linked with IoT. BYOD will only continue to grow and opportunities to secure these devices will continue to mature. The cloud will also continue to grow but enterprises need to use the same internal controls and measurements with their cloud decisions. IoT is in its infancy but will pose the biggest cyber threat depending on where the enterprise deploys it. Understanding how these various devices enter the network and what security controls are in place will be critical.’ — Daniel DeBlasio Jr., vice president of sales, North America, BQT Solutions, North Ryde, Australia

“The IoT has the most potential to be a long-term influencer in the market, providing a new capacity for connectivity that is proving to be a real benefit for enterprise customers. The IoT, in theory, has the potential to offer nearly endless opportunities for connectivity. — Mitchell Kane, Vanderbilt

“I think the biggest changes in security will be predictive analytics. In our opinion the access system is the foundation of a security department and everything is connected to the access control system. Using business intelligence and predictive analytics will be very important.” Justin Wilmas, AMAG Technologies

Advice for Security Integrators
With all these exciting (and sometimes concerning) trends affecting the enterprise, what can and should security integrators be doing to help prepare their enterprise customers — and themselves — for what’s next?

“The challenges for an integrator are to help clients understand the technical changes that are underway and how they can invest in and leverage them for new or improved capabilities,” says Jerry Glynn of American Direct.

ASSA ABLOY’s Chris Hobbs has three pieces of advice: “First, get the owners and IT or network administrators to the table very early. Learn what their needs, likes and threshold for network capabilities are. Second, start with the credential and make certain that both today’s needs and tomorrow’s ‘wants’ are addressed for the customer. Third, consider new and different places for access control. We are finding that clients’ needs have changed far beyond the traditional instances of main entry points and targeted high-value doors.”

It is critically important to involve IT departments from the beginning stages of a security upgrade, says Mitchell Kane of Vanderbilt. “The collaborative nature emerging from bringing physical and logical access control together is dependent on the ability of multiple departments to work together toward a common goal.”

One key is to stay on top of the tech game, adds Richard Goldsobel of Napco Security Technologies. “For any organization, including ours, keeping a core engineering technology solution dedicated resource is tough. Stronger integrators are more technically savvy and hire people for that. If they don’t, that limits the upside on their ability to do jobs.”

Derek Arcuri of Genetec recommends integrators ask more questions of their enterprise customers. “When they are visiting customers to provide the excellent service we know they do, ask questions about regulation changes. All of a sudden organizations, in order to meet code, have to replace things. That is something the integrator should be going to customers and talking about. That conversation can lead to perhaps modernizing cards, or something else.” He also recommends incorporating more cybersecurity into the conversation, and “getting them prepped for the cloud and mobile credentials because we think that is the future.”

Stick with preparedness, advises Daniel DeBlasio Jr., BQT Solutions. “Layered security will continue to be the correct approach. However, the biggest advice to the enterprise is to knock down the walls between security departments. You no longer can have separation of physical security and IT security. With the varying sources of threats growing from cyber as well as physical it is imperative that teams truly work together in their planning and execution.”

Remote Access, Meet Multi-family

Today’s technology and electronic access control are changing the way residents enter their apartments. Renters are just as likely to come and go using an electronic fob or app on their smartphone as they are a traditional key.

But these access systems are also changing the way apartment companies do business. For example, while a traditional apartment tour might have meant a leasing agent accompanying a prospective renter to the unit, today, that same tour may be self-guided, with access provided through a temporary electronic fob. And while a dedicated concierge may have been the sign of an upscale luxury apartment community five years ago, a virtual concierge today, working from a central location and tied in through a live video feed, may serve multiple properties.

At a recent National Multi Housing Council Optech Conference and Expo, self-guided tours and smart locks were two of the top rated new technologies. Apartment pros said they’ve seen a lot of success with self-guided tours, with traffic converting at approximately the same ratio as with in-person tours. Smart locks, of course, help apartment owners and operators save money by eliminating the need to rekey a lock once a resident moves out, too. They also allow residents, once they move in, to grant remote access to their apartments for service calls.

“Residents can use an app from their smartphone that allows their home to be unlocked at a specific time, on a specific day, to get their online groceries delivered,” says John Krumme, president at Kansas City-based Cam-Dex Security. “That could extend to the dog walker, too.”

But the advantages of these technologies go beyond benefits to residents. For example, issuing a temporary access credential to prospects so they can take self-guided tours of an apartment not only frees up staff time, it actually can give apartment companies insight into which amenities and features of a community interest that prospect the most.

“Once you issue that credential, whether it’s through a fob or a smartphone, you can see any of the places they accessed along the way,” says Brad Aiken, portfolio leader, commercial electronics at Allegion. “You can see whether they actually entered the gym and walked around to view all the equipment, or whether they just glanced in for a moment.”

Outfitting a property with an electronic access control system gives similar insights once prospects become residents, too. For instance, operators using these systems say they can gauge resident use of common area amenities, such as a common room theater or a pet grooming station, by looking at the access logs that are automatically generated for these systems.

Another advantage is the ability for firms to service several properties within a given geographic region with fewer staff. For instance, a single individual may be able to serve residents at multiple communities after hours within a given geography for lock outs and access to other areas, such as package rooms.

“That could be one person managing a collection of properties,” Aikin says. “It might take the form of an off-site concierge, where the front desk is actually five states away. By combining that with a video feed so that individual can see the resident is who they say they are, they can admit them into the property or mail room to pick up a package after hours.” Aikin notes that type of centralized service also ensures quality control and uniformity in the level of service residents receive.

By leveraging remote and electronic access control using today’s technology, apartment operators can get more out of the staff they have, while utilizing the finite amount of time they have to serve apartment residents in today’s competitive multi-family landscape.

Read the original article here.

Planet of the Apps

by Karyn Hodgson, SDM Magazine

Apps are everywhere today, including the security industry. From residential and commercial user apps, to those targeted at helping the channel with sales, service and installation — we take a look at the current and future potential of this ubiquitous technology.

Wherever you turn today — whether as a consumer, employee, bank patron or business owner — it is almost impossible to avoid using an “app.” You can pay on your phone using an app, deposit a check, play Candy Crush or Words with Friends, purchase items from Amazon and watch videos, to name just a tiny fraction of the more than two million apps available on either Android or iPhone. In the security space, too, apps have found a home, particularly for residential security and connected home users who want to control everything from sound systems and shades to locks and thermo-stats from their mobile phone.

But within the last few years, the commercial security world has also woken up to the great potential of apps. Initially video surveillance proved a natural fit and one that users quickly demanded. More recently, apps for monitoring, intrusion, fire and access control have been added to the mix.

“At ISC West 2017, the vendor without an app or a mobile strategy was very much the exception ra-ther than the rule,” says Nikhil Shenoy, director of product marketing for Falls Church, Va.-based integrator Kastle Systems. “In fact, many systems and companies are migrating to mobile-first strategies.”

The app trend is not surprising to Sean Murphy, director of regional marketing – video systems, Bosch Security Systems, Fairport, N.Y. “We live in a world in which the majority of people in the U.S. and Canada walk around with a powerful connected computer at their fingertips. Because of that connection, they have developed an expectation that most aspects of personal and professional ac-tivities will include that device. In their view, it enhances the experience and delivers higher levels of efficiency, and we strive to make that true.”

Manufacturers of all types of security equipment share that view. “Apps are a natural evolution of the movement toward mobile solutions,” says Bruce Czerwinski, U.S. general sales manager, Aiphone Corp., Redmond, Wash. “People don’t want to be tied to one location to monitor and operate their security systems. Apps are spreading throughout the industry because customers demand them and leading manufacturers are supplying them.”

Most security manufacturers and software providers today believe that apps are a must-have in or-der to stay in the game.

“We live in a mobile-first world,” says David Kunz, director of product management, Brivo, Bethesda, Md. “User engagement in every industry is through mobile applications; customers expect a mobile experience.” Kunz predicts that by 2020, 20 percent of physical access control solutions will be shaped by mobile and cloud architectures.

“For different aspects of my job I rely on apps every day,” adds Jason Ouellette, senior product line director for access control, Tyco Security Products, part of Johnson Controls, Westford, Mass. “Our industry is starting to get to the same place when it comes to using them for configuration of devices and managing of personnel and devices. When done right it becomes instrumental. I think if our in-dustry is not keeping up and following those trends we would start to see shrinkage and move away from being technology leaders.”

Apps have gone from “cool to have” to “must have” today, says Ryan Zatolokin, senior technologist North America, Axis Communications Inc., Chelmsford, Mass. “In the past people wanted to see vid-eo on the phone because it was cool. But today we have found better use-cases for that video. With the cost of false alarms, the ability to verify a video is huge. That makes a real difference.”

Dealer John Loud, president, LOUD Security Systems, Kennesaw, Ga. (featured on this month’s cover), views apps today as an “absolute, vital necessity. Our phone is a full-fledged computer. To have the app now expedites so much of the interactions or transactions. It is vital for any manufac-turer of solutions and for having the flexibility to add in those future IoT items to keep the apps cur-rent.”

This was certainly a key tenant for Josh Hauser, founder of momanddad.com LLC, New Brighton, Minn., a completely app-based “Building Internet of Things” product. “You have to have an app now to be considered a business that’s larger than the physical space you take up in the consumer’s mind.”

SECURITY APPS FOR END USERS

It’s safe to say that, within the security industry, the residential space is out ahead of the app trend. This is partly a factor of sheer volume, says Jim Coleman, president, Operational Security Systems Inc., Atlanta. “It is expensive to write apps. You have to have a lot of people using it and paying for it before it makes sense. The truth is we are not that big of an industry…. There are just more people on the residential side and it goes into the whole lifestyle thing where you can turn your air conditioning down or arm/disarm the system remotely. The number of people using that gets pretty high.”

In the residential security world, apps are critical to sell any system today. In fact, there are many newer connected security systems that don’t even have panels today — they just use a smartphone.

The Dragonfly residential video app, for example, was designed from the start to be an app-controlled product, says Keith Jentoft, Dragonfly leader and integration team, RSI Video Technologies (now owned by Honeywell Security and Fire), St. Paul, Minn. “There is no keypad. The only control you have of the system is your smartphone…. If you don’t have a smartphone you can’t use Dragonfly.”

Video was the initial crossover for apps into the commercial security world, Zatolokin says. “For remote video, since we got smartphones someone figured out that it would be cool to look at video on them. That was about six years ago. But they have come a long way.”

Some would say they haven’t gone far enough. “I honestly see in the video space just about every company has an app that allows you to view video from the mobile phone; but that is where it stops,” says Dan Cremins, global leader of product management, March Networks, Ottawa, Canada. “You don’t necessarily see something that stands above the rest.”

The commercial video industry has definitely reached the point where apps are essential, but not necessarily differentiating. Security integrators are more likely to lose a bid if the product doesn’t have an app than to win it on the merits of the app. This is different than the residential side, where the app interface is the first thing homeowners want to see, in many cases.

“With respect to the video surveillance industry in residential markets, it’s a must-have,” says Michael Lambert, integration and software development specialist, IC Realtime, Pompano Beach, Fla. “Buyers and consumers are making hardware purchasing decisions based off the performance of the mobile application. Frequently this is the first question asked before even looking at surveillance hardware. Having no app (or a poor one) will prevent a potential customer from even looking at your hardware goods.”

Video hardware and software manufacturers realized early on that apps were going to be important. But they are increasingly realizing there is much more to an app than just having one.
“Everybody raced to get something out that was sort of average,” says Andrew Elvish, vice president of marketing, Genetec, Montreal. “We have seen many apps where you can see all the tiles on the phone and they are more or less better or have more capability.

“We have taken a bigger approach to application,” Elvish says. “We find it gives us the agility to take the best from all of our infrastructure products and recombine them into these very tailored experi-ences for the customer…. Apps allow you to bring those features forward for the end user and bridge the consumption gap — the difference between the cool things in the product and what people use 90 percent of the time.”

Access control systems more recently got on the app bandwagon, in part as the mobile and cloud trend began to push forward and end users were more interested in allowing remote control of doors and authorizations.

“In January of this year we launched the new version of Pro-Watch, which includes an app,” says Samir Jain, general manager, enterprise solutions, Honeywell Security and Fire, Melville, N.Y. “It is targeted to the end user or administrator. If you have someone locked out of a building that needs immediate access you can do that from the app. Or you can do the opposite and remove access. If you think about buildings where you have hundreds or thousands of people, you need the ability to quickly turn on and off access to different people. Administrators are seldom at their desk.”

This is the theory behind Aiphone’s apps, Czerwinski says. “Aiphone has offered end user apps for almost two years. They provide audio and visual input from our door stations, allow for remote open-ing of doors, and have paging capabilities.”

Another “app” that is heavily influencing the access control space right now is mobile credentials. “Apps for mobile access control and mobile identity checks have been the most useful in real access control projects,” says Dave Ella, vice president, products and partner programs, AMAG Technology, Torrance, Calif. “However, the big step forward [for us] is new Bluetooth apps for access control be-cause, instead of them being used by a few security employees, they are now available for use by every employee, contractor and visitor to the company.”

As more security technologies get “app’d” that also brings a new challenge or opportunity for both manufacturers and security integrators. “On the residential side … you can say, ‘here is an app for the thermostat and security,’ but cameras may be separate systems [or not],” Jain explains. “The challenge on the commercial side is as an end user, do I have to limit myself to one manufacturer?”

Eric Widener, general manager, LOUD Security Systems, agrees. “Commercially there have been much larger concerns about apps on the network and whether you can keep the security when it comes to cyber threats. (See sidebar, online, website to come.) That has held back app usage. In the past it was limited to viewing cameras; but we are finding now that business owners are allowing us to put an app on their security system to allow principals to arm and disarm the system or for tak-ing control of access and not have the need to be tethered to a full computer station.”

But as the residential world continues to mature into its app usage and the connected home trend advances, the influences on the commercial side regarding apps will likely be great. “When you have access to information at your fingertip, you come to expect it in all aspects of your life including how you manage your video surveillance and access control,” says Melissa Stenger, vice president of product management and marketing, ISONAS Inc., Boulder, Colo. “The pervasiveness of the IoT and consumer-focused brands like Nest are setting expectations for customers and the security industry has to keep up with demands from customers to compete.”

APPS FOR DEALERS & INTEGRATORS

One of the more exciting app trends for dealers, security integrators and installers is an upswing in apps specifically designed to make their work easier. Many video manufacturers, for example, now offer apps to make set-up, troubleshooting and repairs possible from a mobile device.

“To be able to use the phone to focus a camera is a huge advantage,” Zatolokin says. “Coming from the integrator world, there is nothing worse than trying to climb a ladder with a laptop. The idea is the installer can use the phone they carry with them every day to configure that camera on-site. Time is money.”

Integrator Thomas Lienhard, director of business development, Artery Lock Security Integration, Medford, Mass., finds apps like the one from Axis and others very useful. “Axis has a really nice in-stallation tool that … feeds you the view through the camera. When you are finished you dome cover the camera, connect the internal cable, and move on to the next camera. That is a great tool. It used to be you would have to pick up a phone and direct someone to move it left, right, etc.”

March Networks uses QR codes to help dealers and integrators install and service, Cremins says. “If they need to know the serial number they just scan the code on the front. They don’t have to crawl around and look for it.”

Tom Cook, senior vice president of sales, Hanwha Techwin America, New Haven, Conn., calls his company’s device manager app, “the most powerful and useful app that is used on every camera or job with Hanwha cameras.”

“There is nothing more comical than a guy who shows up selling the next greatest technology, then pulls out a piece of paper and a pencil. Let’s use technology to make a better impression.”
SOURCE: Dave Sweeney, Advantech Incorporated

Dealers and homeowners alike really appreciate the mobile app Interlogix launched in 2015 to help with programing and setup, says Warren Hill, product marketing leader, intrusion and smart home, Interlogix, a Lincolnton, N.C.-based part of UTC Climate, Controls & Security, a unit of United Tech-nologies Corp. “We also have a dealer portal so they can access that on anything that is connected to the Internet to remotely troubleshoot the panel sitting in someone’s home. Dealers get calls all the time asking, ‘Why isn’t this working?’ They can get on the portal and quickly tell them what is mostly likely wrong and whether they need to send someone out or not.”

A similar feature from EMERgency24, Chicago, lets both the dealer and subscriber put their system into test and view history, says Kevin McCarthy, national sales manager. “For our dealers we devel-oped a mapping feature that shows them all of their accounts around them when they are in any given area,” he adds.

This is a newer trend in the access control space, Ouellette says. “This past year we have really started to see the integrator community asking for the ability to leverage apps as a way for them to do their job.”

ASSA ABLOY’s new BILT application for Apple and Android devices helped the company win a New Product Showcase award this year in the access control devices and peripherals category. The app gives the installer access to fully interactive installation instructions using a voice-narrated, step-by-step guide to help ensure an efficient installation, according to the company.

Honeywell’s integrator-focused apps concentrate on the selling side, Jain says. “The ones you think about in terms of configuring, quoting, spec’ing are more in the infant stages today. We have a few [more] on the fire side for inspections. We are more focused on how we make our integrators more successful in showcasing our solutions.”

These sales tools pull all the potential solutions into a utility to show prospects how that would look, he says.

This is a key feature of Sonitrol’s sales demo app, says Alyssa Wagner, Sonitrol marketing manager, Stanley Security, Indianapolis. “It allows Sonitrol sales reps to demonstrate impact and the verified audio intrusion concept to prospects. Being able to actually ‘hear’ what makes Sonitrol unique has been a key to our sales success.” They also employ QR codes to help techs use their phones to quickly set up systems, she adds.

Security-Net, a network of security integrators, contracted with AppBarry LLC, a software consulting company, to develop an app for its members to communicate with customers and each other in a standardized way, says Joseph Barry, president of the Atlanta-based firm. Security-Net partners can give customers log-ons and they can access the service portal and submit tickets. The app on the technician side lets them know what they have open, their schedule, etc. On the front end, the app allows integrators to do a site survey from their phone or tablet.

Integrator Dave Sweeney, chief operating officer, Advantech Incorporated, Dover, Del., is a member of Security-Net and an avid user of the app. “It gives our entire team the ability to organize infor-mation. Prior to this our team members would go out and take a whole bunch of pictures and hope they remembered which were associated with which area of the building. This provides a structured way to collect the same information every time.”

Whether it is this app or others that have started to be offered by manufacturers, Sweeney says it is important to show professionalism and technological savvy. “There is nothing more comical than a guy who shows up selling the next greatest technology, then pulls out a piece of paper and a pencil. Let’s use technology to make a better impression.”

Regardless of the type of app, security integrators and dealers wholeheartedly appreciate the effort. “I think some of the more exciting and encouraging things as a dealer are when manufacturers have an app to help us,” Loud says. “When we start to see the installer be able to use an app to do all the programs, those manufacturer apps are trying to make life easier for dealers and those are big winners for us.”

THE FUTURE OF APPS

A look at the connected home market may give a glimpse into where the commercial security market is headed, although there are clearly differences in approach. The residential world — both for secu-rity and for all the technologies it connects to — is almost too full of apps, with more being added every day. When you have individual apps for everything from your security system to your coffee pot, life can get overwhelming in a hurry, which is why companies such as Honeywell, Alarm.com and many others now offer approaches that give the consumers one app to cover everything.

Is “app fatigue” something that could happen across the wider security industry as well? Yes, if things keep going the way they are. But many manufacturers and others have creative visions for where the app trend will end up, and in some cases it may not even have to include a smartphone or tablet.

Note: these numbers may change. In an informal online poll of SDM’s website visitors that asked their opinion on apps, 31 percent of respondents noted that their customers like apps but wish there was one app for everything, while 34 percent agreed that apps are the wave of the future.

Tyco’s Ouellette says his company already offers approximately 35 apps across its product lines — and this number is growing. “In some cases they work together and in others they are independent solutions particular to product lines,” he says. “The need for app consolidation is already starting to happen. We have a total security solution, combining our Kantech EntraPass with DSC intrusion and exacq video that can be managed through a single mobile app. We had customers that were com-bining and using all three of those, so we responded with an app for that.”
“I think apps have given rise to the mobile security manager and disrupted how security gets han-dled, as we found that manually monitoring on big screens is ineffective.” SOURCE: David Kunz, Brivo

He cautions, however, that there are so many different use-cases in the commercial security world that one-size-fits-all may not always be appropriate. Instead, many access and video manufacturers are turning to the cloud and Web service to achieve a similar effect. “Apps will continue to be a growing trend and very important for us in meeting customer needs; but alongside this, Web services and some of the capabilities of those allow us to drive app-like behaviors.”

Shenoy says his customers, too, are seeking the all-in-one experience. “These comprehensive apps include their own integrations as well as third party applications that, in conjunction with security, provide an enhanced end user experience.”

On the video side, Cremins says future apps will include more functionality. “I think it is going to evolve from being able to see live and recorded video, to being able to apply analytics. That is really coming around. The buzz at ISC West was [artificial intelligence] and deep learning. If you can start applying that technology to something you can get in an app, that is amazing.”

Genetec is already designing apps that are aimed at vertical applications, Elvish says. “It isn’t, ‘Here is our access control system or VMS,’ but instead, ‘Here is our application for your university that pulls together things like communications systems, video, access control, time and attendance, and cafeteria solutions into one experience for that customer.”

An application can be both mobile and traditional, he adds. “Apps are an application of technology to a mobile framework. That is the essence of them. In tailoring the experience of that technology to a specific application in many cases it will be mobile.” In other cases it may even include augmented reality through the phone.

“Our belief is that right now our frame of reference is a phone, but I think it will encompass so much more,” Elvish adds. “It’s about understanding our environment in a very tailored and focused way. That could be through a phone or augmented reality glasses.”

Not surprisingly, Honeywell, one of the leaders in a consolidated app experience on the residential side, is also looking at this for the commercial side. “What is different about where we are going is we try to focus on really strong integrations with our products,” Jain says. “Going forward I expect the notion of integration in a single app and it will be a cloud-based system.”

Definitions may not be the ultimate goal, Jentoft adds. “I don’t think it is about the app itself. I think the service behind the app is most important. Ultimately, I will want those services given to me so I can consume them in the most efficient way…. The service that you are delivering can be packaged to various verticals or specific kinds of markets or applications. But they do want it packaged. The platform is the smartphone and the app is the graphical user interface. Customers are using that phone to touch the services at the other end.”

Sweeney is hoping the app trend continues to evolve and mature for the good of his customers, and the industry as a whole. “Holistically I would like to see the manufacturing community embrace technology down to the application level. We call ourselves technology companies and we typically do some pretty cool stuff to solve customer’s problems with technology. But sometimes that final user touchpoint isn’t up to snuff with the balance of how our customers interact with computers on a daily basis. There is tremendous room for improvement.”

End user demand is not going to slow down, Kunz says. “I think apps have given rise to the mobile security manager and disrupted how security gets handled, as we found that manually monitoring on big screens is ineffective. Mobile applications help to free up time and allow users to become more engaged in other activities. Gone are the days an admin is tasked to manually monitor the security of a business, because with mobile applications you are no longer stuck or confined to a desk.”

What Makes a Good App?

What goes into making and maintaining apps? For many in the industry it has been a steep learning curve to figure out how to optimize the most features and functions on a mobile device without mak-ing it too cumbersome or difficult to use.

Apps can’t be just for the tech geeks, says Tyco Security Products’ Jason Ouellette. “From a traditional server/client solution, a mobile app has less bandwidth and a smaller visual area to work with. Learning how to move development around those constraints and make it still functional and intuitive presented a whole new challenge for our team.”

Customers are looking for a good-looking app that is stable, says Thomas Lienhard, Artery Lock Se-curity Integration. “There are millions of apps out there and a lot of them just sort of work, or you have to park other things in the background and the graphics look like Minecraft, and you are won-dering what type of developer did that?”

Todd Piett, ENP, chief product officer at Rave Mobile Safety of Framingham, Mass., a company that provides personal safety apps, says apps that are not going to be used daily particularly need to be simple in design. “Our focus first and foremost is on simplicity of use during a stressful situation. Dur-ing an emergency usability is critical and you can’t depend on a unique process being remembered.”

Genetec recently white labeled some apps in a collaboration for a smart office, says Andrew Elvish. “[That process] teaches you a lot about what commercial end users are going to be expecting. These were not security professionals. It really got us thinking about what this experience is like.

“I think the No. 1 thing is to not think about the app as just your desktop application running in a slightly less performant way on a small screen. That is the kiss of death,” Elvish says.

With limited space to work with, having an app is a bit like having a tiny apartment and buying a new piece of furniture — you have to figure out where to put the old furniture without making it too clut-tered, says March Networks’ Dan Cremins. “As we cram more functionality within the app, you don’t have the room you have on the desktop. How do I add more functionality without making the inter-face more complex? Every time we add functionality we also streamline the interface.”

And adding functionality is expected — frequently. “Apps are more like the cloud,” Elvish says. “People expect their app to update frequently with new and delightful things. It cannot be static.” Genetec strives to release something every week-and-a-half to two weeks, he says. “It is not typical in our industry to update that frequently.”

This comes as a surprise to many in the security industry, says Honeywell’s Samir Jain. “I don’t think we knew on day one that development doesn’t stop after six months. When you talk about making an app it is a permanent investment to continue to enhance and keep features fresh. It is not a one-time thing, which is significantly different from what we have traditionally done.”

Joseph Barry, president of AppBarry LLC, the software company that developed an app for Security-Net, says his company works on two-week “sprints.” As soon as one update goes out, they meet to figure out what to do next, he says.

Should You Develop an App?

So far the majority of apps in the security world have come from manufacturers and large organiza-tions. They are complicated, expensive and require ongoing care, so their development isn’t for the faint of heart. Still there are some dealers or integrators that have done it, and there may be more in the future who see a reason to try.

“Integrators that offer additional services or want to focus on specific needs of a market have created their own apps, says Bosch’s Sean Murphy.

Kastle Systems is one such integrator. The company introduced its IoT platform app in January 2016, says Nikhil Shenoy. “It includes a hands-free access control, a personal mobile panic button, notifications, location awareness and a growing suite of security and building-oriented features and integrations.” The company’s MyKastle app, which enables customers to unlock and lock doors remotely, is another offering.

Who Is In The Facility?

By Allan B. Colombo, Facility Executive

Security is an important part of business in high-rise office buildings, manufacturing facilities, campus settings, and facilities of all sizes. This includes the development of an intelligent security network that provides for secure, automatic access security policies; and seeks to provide actionable data related to the comings and goings of regular employees; outside, on-site consultants; as well as short-stay visitors.

“Corporate security has become a high-profile issue since the events of September 11, 2001 exposed America’s vulnerability to terrorist attack,” says Thomas E. Cavanagh, author of Corporate Security Measures and Practices, An Overview of Security Management Since 9/11.

In this article we’ll talk about the need and function of access control and visitor management systems. We will look at how these systems are sometimes connected internally by a single software solution as well as other integration methods. Read more

How to Enhance Value Proposition and RMR Potential With Managed Service Providers

Puzzled by the networking know-how needed to deliver a ‘complete’ security solution these days? MSPs may fill your missing cyber piece.

by Erin Harrington

Cybersecurity and all the challenges that come with it, looms large over the physical electronic security industry.

A different kind of expertise is now needed from security integrators, notes Bill Bozeman, president and CEO of PSA Security Network, who likens today’s cyber influence somewhat to when things went from analog to digital and integrators had to either develop their own new skillset or forge partnerships to meet end users’ needs.

“Our traditional community of integrators are comfortable with due diligence on traditional security products and the vast majority are very IT savvy and so good at what they do,” says Bozeman, whose organization has included cybersecurity annually as a highlight of its TEC event education agenda.

“But many integrators are going to struggle with cybersecurity. It’s not simply deploying a device on a network anymore, and it’s no longer the kind of system they’re so adept at deploying.”

So what is a traditional physical security dealer/integrator to do? “Get savvy,” says Bozeman, who urges integrators to build a general knowledge base of IT services and other cybersecurity offerings to begin rethinking their firm’s business value to existing and prospective customers.

But the nature of today’s risks is constantly evolving, making managing cybersecurity an even tougher task for security integrators getting involved in it. Consequently, we’re seeing a sharp increase in demand for IT managed service providers (MSPs), whose expertise more integrators are turning to in order to deliver comprehensive security solutions to end users.

Read on to learn more about what MSPs can do for you, as well as tap into some handy resources to help improve your own cyber education.

Cyber Awareness, IoT Create Challenges

Headquartered in Austin, Texas, SolarWinds is a value-driven provider of products and tools that solve a broad range of IT management challenges related to networks, servers, applications, storage, virtualization, Cloud, or development operations.

Ian Trump, SolarWinds’ global cybersecurity strategist, notes that demand for MSPs is driven by a few factors, including the threat of data breach and extensive coverage of those breaches, ransomware attacks and cyber fraud coverage in the media, as well as the desire of MSPs themselves to expand services into security and compliance offerings.

“There are many crossover opportunities, from building management systems [BMS] integration, security systems and voice over IP PBX deployments,” Trump says. “This is firmly in the territory of Internet of Things [IoT], and physical security integrators are in desperate need of solid networking skills, which MSPs have. There is a growing awareness of the challenges of moving IoT into business and it requires an advanced security skillset. Firewall rules, networking VLAN or net-mask segmentation are all required to integrate IoT devices as safely as possible.”

To help integrators deliver complete security solutions, MSPs need to do two vital things, according to Trump: build for capacity — not just for current needs, but for future needs; and provide documentation, especially network diagrams.

“It’s super helpful if the security integrator can meet with the MSP first, so any differences in opinion can be hashed out,” he says. “I think the capacity issue is an important consideration — security DVRs, cameras and software will hammer a network if it’s not properly implemented, and a key fob access system which is not protected by a UPS could be problematic during a power outage. MSPs need to be thinking about these challenges and anticipating what their clients may want in the short and longer term.”

It’s taken a while for cyber and physical security to come together under the same umbrella, but many integrators are indeed adding on or acquiring cyber management knowledge, according to Steven Grossman, vice president of strategy and enablement for Bay Dynamics.

The San Francisco-based company provides an enterprise software platform that calculates the value at risk associated with specific threats and vulnerabilities, and measures how much risk can be mitigated by applying certain actions.

“Cyber is a key aspect of physical security technology, and protecting physical security technology and infrastructure has been critical for a long time. Now MSPs and integrators are pulling it together to offer one-stop shopping,” he says. “The MSP angle is a great way to promote that consolidation.”

It’s also a potential angle for providing security integrators an additional revenue source, Grossman suggests. As Grossman points out, in the past integrators would perform the install and say, “Thank you very much. Let me know if you have any problems.”

With the added dimension of cybersecurity, it becomes an ongoing operational relationship vs. an installer relationship.

“Tacking on the services of an MSP to monitor for events and proactively identify vulnerabilities — and provide the remedy and response for integrators — is also giving them an additional revenue source and more comprehensive offering,” he says. “This becomes a subscription, so to speak.”

Along with additional RMR potential, partnering with MSPs also strengthens a security integrator’s capabilities while allowing them to focus on their core competencies — and perhaps stay cost efficient from a personnel standpoint as they give their solutions portfolio an instant boost.

“MSPs are specialists in the maintenance of the various networks in use in the business environment and they save the company the cost of an IT department. It’d be advantageous for an integrator to work with an MSP as a business partner to provide their expertise on things like network organization and cybersecurity protection protocols,” says Joe Holland, vice president of engineering for LifeSafety Power, a Mundelein, Ill.-based provider of power supplies for intelligent networking devices.

“Even though integrators are certainly very capable in their own areas, an MSP can add that cybersecurity capability component immediately to the pedigree of an integrator.” Chris Salazar-Mangrum, senior IT project manager for PSA Security Network, echoes that MSPs can enhance integrators’ value to customers by expanding the solutions portfolio and simplifying the cyber world.

Leveraging MSPs can address needs such as data backup, disaster recovery, device encryption, vulnerability assessments, network monitoring, cyber policy creation and enforcement, to name a few, he says. (See sidebar for more on PSA’s resources.)

The coming together of traditional physical security integrators and IT MSPs also marks a merger of asset management and risk management savvy appreciated by end users.

“What keeps them up at night is having an event that lands them on the front page,” Bay Dynamics’ Grossman points out. “I think we’re seeing a transition from tactical defense, in-depth implementations to a risk management mode of operation.”

In this regard, he contends that the physical side is ahead of the cyber side, as they’ve known all along the critical parts of their buildings and infrastructures, including where people and access systems are based, and have been taking a risk-based approach for a long time.

“But the cyber guys, because of the nature of cyber, have been running with their hair on fire up and down the hallways trying to patch all your vulnerabilities across all your machines, learn what and where your assets are and what’s most important, which is difficult in the IT world,” Grossman says.

“Even the most sophisticated companies are challenged when it comes to asset management, as it means they’re now managing your threats, compromised accounts, third-party access — pretty much the same things the physical security guys have been tasked with. All those things are getting greater attention on the cyber side these days within the frame-work of risk management,” he adds.

How to Adopt the MSP Approach

Security integrator A3 Communications, headquartered in Columbia, S.C., recognized the value of that convergence a decade ago, when security became more IP based.

“We’re a true systems integrator and we not only provide IT managed services but also network infrastructure and virtualization services,” says Brian Thomas, president.

“Coming from a foundation of networking, we were early adopters and we’ve taken that knowledge and leveraged it on security side which has given us an advantage. Our belief was that if we own the network, we should own everything attached to the network.”

To that end, A3 has a managed IT services practices division, a fully manned help desk, and provides remote management and monitoring of customer’s devices, servers, phones … anything IT based.

Thomas is finding that instead of end users’ facility directors his company is usually dealing with IT directors nowadays.

“A lot of this stuff can be Cloud-based and not a big investment on the front end to add cyber. It’s a value-add for an integrator, and if they pass that off to an MSP they lose that revenue,” he says.

For integrators, becoming familiar with all the possibilities to provide an end user is particularly pertinent given that MSPs have multiple levels of offerings from help desk support to managing your IT infrastructure and network purchases, Cloud-management, vulnerability scans, and more.

“Look for references and example documentation from the MSP,” says SolarWinds’ Trump. “As a security integrator, you need to know the various products features and requirements, you need to know what the best practices are. The MSP and integrator meetings have to present a united and professional front to the customer.”

PSA’s Salazar-Mangrum also cautions that a strong leadership team is a must to have your back.

“If you cannot trust the MSP’s leadership team and vision, move on to the next. Do your due diligence and don’t rush it,” he says.

“Create a smart sourcing plan, hire a 1099 sourcing professional if needed, understand your business needs and decide if you want your MSP to help with only your IT needs or your end-user needs, as well.” As Trump says, “The IoT market has greater market potential than security for both integrators and MSPs. They must work together to ensure the customer is safe from cyber threats — this makes the Internet better for everyone.”

Read the original article at SecuritySales.com

Getting the Most out of Services

Just about all security dealers now offer interactive services. Are you doing everything you could be to maximize their value for your customers and your business?

by Joan Engebretson

The security business hasn’t been the same since interactive services came along. Many customers find great value in being able to interact with their systems using their smartphones or a browser interface. As a result, security dealers not only have seen increased recurring monthly revenue (RMR); they’ve also found that customers who use interactive systems see value in those systems and are less likely to churn.

SDM spoke recently with representatives from several security dealers that have had significant success with interactive services to get their advice on how to maximize opportunities in this area.

Selling Interactive Services

Anderson, S.C.-based Blue Ridge Security Solutions sells what Dustin Reeves, sales and marketing manager for the company, calls “remote arming” capability to about 80 percent of new customers, yielding at least five dollars more a month in RMR, Reeves notes. Customers choosing remote arming also get some other capabilities, such as the ability to establish a geo-fence around their home that automatically alerts users if they forgot to arm their system.

“The conversation often starts about smartphone control,” Reeves observes. If not, salespeople ask customers if, for example, they were ever away from home and realized they forgot to arm their system, thereby setting the stage for a discussion of interactive services.

Corey Spano, senior security consultant for Baton Rouge, La.-based Custom Security Systems Inc., also notes that customers often bring up smartphone control early on in a sales call. “People ask if we have an app even though they may not know what it can do,” Spano comments.

If the customer doesn’t bring up interactive services, the salesperson first asks about the customer’s overall needs, and then brings up interactive services as an added feature, he explains.

A smartphone or mobile device is a key part of how salespeople demonstrate security system capabilities.

“We used to show customers a keypad; now we show you a phone,” comments J. Matthew Ladd, president of The Protection Bureau, Exton, Pa.

In demonstrating the interactive services of a security system, Spano says he always takes care to mention the ability of the system to automatically send a text message when, for example, a child arrives home from school. This capability keeps the system in constant use, Spano notes. And those who use their systems most frequently are least likely to churn.

Text messaging also enables customers who have basic cellphones rather than smartphones to use interactive capabilities, Reeves observes. While the majority of homeowners have smartphones, almost everyone has some type of cellphone. Tapping into text capability can expand the base of potential customers to whom dealers can offer interactive services.

Some dealers don’t charge a monthly fee for text-only capabilities because those capabilities may not require the services of a cloud provider. Nevertheless, it may be a good idea to set up customers for text capabilities to enhance their satisfaction with the system.

Another useful tip comes from Glenn Mertens, president of Jefferson City, Mo.-based Smart Solutions Inc. The demonstration that Smart Solutions does for potential customers includes a discussion of a smartphone app capability that enables end users to cancel alarm signals that they receive. As part of the discussion, salespeople explain how that capability can reduce false dispatches, which may entail fines in some towns and cities.

Beyond Basic Services

As for interactive services pricing, most dealers we spoke with use a tiered approach, charging $5 to $10 for basic interactivity such as remote arming and disarming and an additional $5 to $20 for smart home capabilities such as the ability to control lights, door locks, thermostats and video. Rather than sell interactive services as an add-on, some dealers bundle it in to the system price.

While many customers may sign on for basic interactive services such as remote arming and disarming, the percentage that will pay extra for smart home and/or video control is considerably smaller, dealers say. For example, about 30 percent of Blue Ridge customers purchase home automation, Reeves says. He adds, though, that the percentage is “rising dramatically.”

Blue Ridge salespeople refer to interactive capabilities as “lifestyle services,” Reeves explains. Salespeople use their own apps to demonstrate various capabilities such as the ability to control garage doors or thermostats by interacting with demo systems at the company headquarters.

Even though the majority of customers may not want home control capability, most dealers that were interviewed recommend at least mentioning those capabilities to potential customers.

“Make sure they realize you can do it,” Spano advises. Customers’ needs may change in the future and it’s important for them to know that a dealer can support those needs, he says.

Don’t overlook activity sensors when explaining interactive service options, adds Robert McDonald, general manager of Jessup, Md.-based Vintage Security. Contacts on liquor cabinets that alert homeowners when the cabinets are opened appeal to many customers, McDonald notes. He estimates that Vintage salespeople sell activity sensors for one out of every four or five jobs.

Video on the Rise

Tampa, Fla.-based SafeGuard America approaches interactive services marketing a bit differently from some other dealers, observes John Keith, vice president for the company.

“The video market has opened doors for us in businesses and residences,” Keith explains.

One of the reasons video traditionally has been a hard sell is that customers typically want recorded video and traditionally that was expensive and complicated. Keith notes, though, that SafeGuard now uses a camera that has a $10 SD-card built into it and end users can access video recorded on that card using a smartphone app.

SafeGuard cameras also offer end users two-way voice capability, enabling the cameras to do double duty as a videoconferencing system, in addition to providing surveillance. Capabilities such as these have proven to be so popular that in addition to offering packages with security and video, SafeGuard also offers stand-alone video systems with up to four cameras with interactive capability for $20 a month.

Most purchasers opt for two cameras — one indoors and one outdoors, Keith says.

Operational Issues

Once a customer has made the decision to purchase a security or video system with interactive capability, what advice do dealers have for getting the customer set up to interact with the system?

“I try to get them to download the app while I’m with them,” Spano comments. “It’s surprising how many people don’t know how to download an app.”

Spano says he tells customers, “Here’s the app. Let’s get it put on. When our guys get there, you’ll be ready to go.” Typically, the app downloads while Spano and the customer are completing paperwork.

Some other dealers say installers are the ones who help customers download the app. But regardless of who downloads the app, sources say installers take time to review how the app works with the customer. Installers also help the 10 percent of customers who want more sophisticated capabilities such as smart home scenes, notes Jason Cloudt, vice president of sales and marketing for Omaha-based Security Equipment Inc.

After systems are put in, dealers should be prepared to receive more service calls from customers who use interactive services, in comparison with customers who do not use those services. Several dealers note that customers tend to call when they get a new smartphone to ask how to put the app on. And customers with video systems may call when they change their Wi-Fi password because the camera no longer works correctly, Keith observes.

Reeves notes that dealers also may get calls from customers who believe their systems are not responding correctly to smartphone commands when the real problem is poor cellular coverage — an issue that those answering service calls should be prepared to discern by asking the right questions.

Security Equipment has a remote services team to answer calls about interactive services, Cloudt says. The company offers hosted access control and the team initially was established to answer calls about those services. Later, it was a natural fit to have that team also handle calls about interactive security systems, Cloudt explains.

“It was really us being able to provide the best service possible in the products we provide,” he comments.

With virtually all security dealers offering interactive security services today, gaining a competitive advantage can be critical. And in the interactive services market, gaining that edge may be a matter of focusing on best practices — from the sales call to installation to ongoing service.

Read the original article at SDM Magazine.

How to Succeed in the Top 5 Access Control Verticals

Security integrators and manufacturers talk about the similarities — and differences — in designing, implementing and servicing access control solutions in five key vertical market sectors.

by Karen Hodgson, Senior Editor SDM Magazine

According to the SDM Top Systems Integrators Report, published in July 2016, the top three vertical market sectors are corporate, education/campus and healthcare, all of which rely heavily on access control technology as part of their overall security solution. Security integrators also mentioned other relevant verticals as front-runners in security spending, including utilities/critical infrastructure and one that is being increasingly discussed by manufacturers and integrators alike: multi-family residential. Each of these five verticals is very different from one another; but they do have some commonalities concerning access control.

“Access control as a whole has grown over the last several years, with some reports showing an annual growth rate at 7.5 percent,” says Mitchell Kane, president, Vanderbilt, Parsippany, N.J. “For corporate entities, higher education, healthcare, utilities and critical infrastructure, as well as multi-family units, this growth can be attributed to rising urbanization, increased threats to public safety, and the need for technology to change in line with evolving risks.”

It is impossible to talk vertically without some overlap, and in SDM’s interviews with industry professionals in these sectors a few general, and even surprising, trends surfaced. For example, biometrics was mentioned as a factor in virtually every one of the five, as was cybersecurity. Mobile credentialing is an emerging technology that has varied acceptance rates across these vertical sectors (with some starting to really embrace it and others not at all). And, of course, the general desire for access control applies in almost all of the cases.

“The top three trends across the majority of these verticals are all very similar,” says Justin Wilmas, director of sales for Eastern U.S., AMAG Technology, Torrance, Calif. “In my experience they are all looking at identity management, visitor management and the latest and greatest in technology…. Fundamentally all of these verticals have the same challenges when you look at how they manage identities and how they get access. The organization invests lots of money in access control systems thinking that will solve the problem, but you still need people to manage these systems. Operationally you haven’t solved the problem. Then there are external factors such as compliance and regulatory bodies that want to know why these people have access.”

This leads to a common desire for better information-gathering, says Derek Arcuri, product marketing manager, Genetec, Montreal. “One trend we are seeing across multiple verticals is unifying information for quicker and more informed decision-making. A common pain … is large data sets coming from disparate sources that lack timely amalgamation so that informed decisions can be made in a timely fashion.”

Wilmas, Arcuri and others point to another common thread across the verticals: Cybersecurity. “If you look at what is happening in today’s world, in three of the verticals it is more pertinent than others: corporate, healthcare and utilities/critical infrastructure,” Wilmas explains. But higher education and even multi-family are not immune to this widespread threat.

Similar concerns do not always lead to similar approaches, says Bruce Czerwinski, U.S. general sales manager, Aiphone Corp., Redmond, Wash. “While each vertical market may have slight variations, the basic concerns are the same: who can access the premises and for what reason. [But] healthcare and higher education by their nature have to be more open than the other verticals, which makes access control more of a challenge than that faced by corporate and utilities facilities.”

However, some technology trends are nearly universal, such as integration and the desire for open protocols, says Rick Focke, senior product manager, Tyco Security Products, Westford, Mass. “People don’t like to be hemmed in and pushed into one choice.”

Manufacturers of access control systems tend to offer systems that can be tailored by the integrator to any number of verticals.

“You modify the system around how you need it to work, versus changing how you do things around the system,” Wilmas says. “All these verticals are very different in nature, but the problems are all the same.” Wilmas recommends looking for a policy-based system that can help the end user incorporate how they operate.

But a growing number of vendors of both software and hardware are designing at least some of their solutions around one or more specific vertical needs. For example, ASSA ABLOY, New Haven, Conn., has solutions tailored to the multi-family market, says Mark Duato, vice president of integration solutions. What’s more, he recommends that such specialization might be a good approach for some integrators, as well.

“Progressive integrators in the marketplace build marketing programs and services around the verticals they feel they can be most effective at serving. You don’t have to be everything to everybody. You can be really good in healthcare and run a really great business. Our goal is to build specialized products that help those progressively focused integrators deliver unique approaches into the verticals they serve,” Duato says.

Tyco generally produces access control products that apply to most verticals, Focke says. “Access control opens doors, whether it is for hospitals or higher ed. But we have started focusing on specific [vertical] features. First it was government because they have such different standards for the FICAM high-assurance cards. Now we are looking at the utilities/infrastructure market, which is a nice fit for our system that scales for thousands of sites.”

He acknowledges there can be challenge to integrators in specializing. “Most can’t afford to specialize in just one vertical and instead go for whatever job they can get,” he observes. However, whether you are a specialist or a generalist with a concentration of jobs in particular verticals, Focke advises getting more involved in the particular needs of the vertical market you are working in. “If it is a healthcare vertical, get involved in local healthcare organizations and talk to security directors in that vertical. There are some working committees. Just get involved locally and keep your ears open and look for new opportunities.”

Tim Vahary, product manager, RS2 Technologies LLC, Munster, Ind., adds that even as a generalist, a good relationship is the key to getting the most out of access control technology for your client. “Being [cognizant] of the needs of your client is key to building a lasting business relationship that is beneficial to both parties. Every client has different requirements, but with the options of modern access control, a knowledgeable integrator can provide the right solution to meet their needs.”

Read on for what makes each of these five verticals unique to work in, the challenges and rewards, as well as how they are reflecting the common trends in their individual markets.

Vertical Market Sectors

Security professionals share knowledge about what makes each of these market sectors tick when it comes to their access control and identification needs:

  • Corporate
  • Healthcare
  • Utilities/Critical Infrastructure
  • Higher Education/Campus
  • Multi-Family Residential

CORPORATE

The corporate vertical is by far the most broad-ranging, and really more of an umbrella term for a collection of businesses that range from a small law office to an international enterprise. Integration, automation and centralization are the general rule-of-thumb for any corporate business of scale, says RS2’s Tim Vahary.

“Modern corporate demands are constantly changing. Access control is capable of managing and monitoring facilities spanning the globe from a single location,” he says.

“Frictionless” describes a whole host of trends in this vertical, from a renewed interest in biometrics such as iris and facial recognition, to automatic visitor registration to elevator destination dispatch.

“These buildings, the security part of it is card access or biometrics, meaning you don’t get access unless you can identify who you are,” says Dave Chritton, senior sales manager, Microbiz Security Company, San Francisco. “Right now that is typically done with badges or fobs, but the trend is going towards smartphones and also biometrics. Another big thing we are seeing is smart elevators that allow tenants to go from the first floor straight to the top without all the stops and starts.” It also ensures that only authorized people can reach certain floors, particularly critical in a mixed-use or multi-tenant office complex.

For integrator Henry Hoyne, vice president of professional services, Northland Control Systems Inc., Fremont, Calif., the corporate experience is tied to his company’s Silicon Valley location. “In our vertical, which primarily comprises high-tech corporations, autonomous robots, cybersecurity hardening and facial recognition seem to be on the forefront.”

While this vertical is hard to pin down to individual traits, Hoyne says his corporate customers are technologically savvy, interested in “keeping up with the Joneses,” even to the point of seeking out cutting-edge or bleeding-edge technology, and extremely concerned about cybersecurity.

The latter is a common theme among manufacturers and integrators alike when discussing the corporate space, which has been hit with some high-profile breaches in recent years.

“Integrators selling into the corporate market need to understand that they must provide solutions to cybersecurity as well as physical security,” says Scott Lindley, president, Farpointe Data, Sunnyvale, Calif.

Corporate clients large and small are looking for less bulky infrastructure, Wilmas says. “Traditionally to do access control is a very heavy lift to buy a lot of hardware and build a security infrastructure. Now they are saying, ‘Well it doesn’t have to be, with things that are sustainable like PoE integrated locks that can essentially control everything without a lot of infrastructure.”

In some cases the desire for less “bulk” means turning to a hosted or managed access control system, increasingly cloud based. This logically follows on general corporate business trends, says Nikhil Shenoy, director of product marketing for Kastle Systems (SDM’s 2015 Systems Integrator of the Year). This has led to a more distributed workforce that is not only more apt to look for different types of architectures, but also more interested in newer types of credentials such as mobile or biometric.

“Corporations themselves are evolving,” Shenoy says. “The world’s largest photo-sharing site doesn’t take any pictures. The world’s fastest space-leasing company doesn’t own any real estate. The world’s largest ride service doesn’t own any cars. It is becoming harder to classify and having solutions to evolve with those needs is the way all security is going in that vertical.” Kastle offers a managed access control approach, which works particularly well in the SMB and multi-tenant office space, along with providing the integrator a nice source of RMR.

Access control, particularly in larger deployments, is historically a “sticky” technology — not frequently or lightly changed out. As a result, many in the corporate space are looking to do much more with the information gathered by access control.

Norma Schiller, global systems, Honeywell Security and Fire, Melville, N.Y., points to a definite trend in sharing databases between access and other areas to determine things like how space is being utilized and which entrances are being used. “Are people working from home three days a week? Can we reduce our footprint in space leasing?”

For Hoyne, the corporate vertical is savvy, yet resilient. “Do your homework,” he advises. “Have a team that is up-to-speed in all that encompasses IT. Do not just throw around buzzwords, because once they see through that they’ll discredit you. And most importantly be up front and honest. Do not exaggerate your capabilities. Speak about what’s possible and discuss and share risks [but] don’t be afraid to say ‘no.’ Clients, believe it or not, do not want a ‘yes’ man. They want to be challenged. It shows you care and want to do what’s right.”

HEALTHCARE

Hospitals are often faced with a conundrum when it comes to security, says Kelle Shanks, senior account executive, Convergint Technologies, Schaumburg, Ill. “There is this dichotomy of ‘come in and stay out,’” she describes.

“There are public and non-public areas,” adds Jeremy Bates, general manager, Bates Security, Lexington, Ky. “There are all kinds of areas where you have to put security but still be an inviting and open place.”

Shanks says card access control is a bigger deal than ever before in this vertical as hospitals tie many more areas to the card. “They have card access for trash chutes, food, vending, soiled utilities. It’s not a new technology, but it is coming back in vogue.”

Added to that, hospitals are also actively looking at biometrics these days, particularly technologies that can provide security while still allowing gloved personnel to be “hands free.”

Cybersecurity is also high on the list for healthcare — perhaps even more than some of the other verticals. “Patient records are the next gold mine of information that is often stolen, so their IP systems are really getting locked down,” Focke says.

Shanks agrees, adding that one hospital client recently told her they get 20,000 hits per day on their network with people trying to access patient or even research information.

Regulations such as the Health Insurance Portability and Accountability Act (HIPAA) touch on both the cyber and the physical when it comes to regulations, typically requiring two-factor authentication to get into sensitive document areas.

Access control systems play a vital role in healthcare security when it comes to such regulations — beyond just locking the door. “The Joint Commission requires special areas and rooms to be secure, defined as a locked container or door with an ongoing analysis of measures you have in place and level of compliance,” says Del Deason, senior vice president, Vision Security Technologies, Birmingham, Ala. “The reporting feature of access control gives us the forensic ability to demonstrate that compliance.”

While HIPAA is well known, another regulation is newer and requiring not just two but three-factor authentication.

“The Global Threat Reduction Initiative (GTRI) is a project from the Department of Energy with Sandia Labs to secure radioactive sources,” Shanks explains. “Anytime you do blood you have radioactive, plus the radioactive materials they use in cancer therapies. There has to be a triple factor on every one of these rooms.”

Like its corporate cousins, the healthcare vertical also seeks to get more out of the access control investment, says Scott Wheatley, senior account manager, KST Security, Indianapolis. “I’m starting to see several of my hospitals try to maximize their investment by using that equipment in non-traditional ways. They are using existing cards and readers to track training, resident lectures and run reports to verify a resident has attended that lecture for their compliance and instructional needs.”

Another similarity with corporate is the upswing in visitor management for more than just the maternity wards. “We are seeing more interest in self-service kiosks at main entrances to track everybody who is in house,” Deason says.

For integrators working in the healthcare sector, there are a few things that distinguish this vertical from others.

“A lot of working in hospitals is about infection control,” Shanks says. “Anybody who works at a hospital has to have their full array of vaccinations. The technicians also have to understand that it can be an emotional environment and be sensitive to what they see and hear.”

Hospitals are faced with complex challenges that demand cooperation from many groups, she adds.

“Healthcare is as demanding a customer as you can probably have,” says Skip Sampson, president of KST Security, Indianapolis, and current president of Exton, Pa.-based Security-Net. “Many of their services are internally staffed, so they are accustomed to instant response to problems, whether in the kitchen or a patient’s room. So you really have to respond and communicate at a very high, fast level with healthcare. They demand and expect that and it’s one reason we are successful at it.”

UTILITIES/CRITICAL INFRASTRUCTURE

Healthcare is not the only heavily regulated vertical on this list. No vertical here is more regulated than utilities/critical infrastructure, and that informs much of their needs for access control.

“The electrical grid grew organically starting in Manhattan 134 years ago and now spans all 49 continental states,” says Stephen Joralemon, engineering manager, G4S Secure Integration, Willowbrook, Ill. “Thus, from a security perspective, utility companies are a geographically dispersed customer with facilities ranging in age.

“Government regulations drive the implementation of security measures at utility providers. Proposed security needs to be tied directly to a customer’s tier rating and reduction of risk. Otherwise, there is not only risk of an intrusion, but of a fine.”

Christopher Kieta, senior director of strategic sales for Dallas-based Securadyne Systems, SDM’s 2016 Integrator of the Year, says utilities are more like government verticals because the regulations have real teeth to them. North American Electric Reliability Corp. Critical Infrastructure Protection (NERC CIP), the predominant regulation in this vertical, is fairly straightforward, he adds. “When NERC CIP changes it is very clear what you have to do to help them remain compliant.”

Unlike many of the other verticals here, utilities are much more traditional and risk-averse when it comes to trying new technologies such as wireless, mobile and cloud. But that doesn’t mean they aren’t interested in them, says Matt LaRue, senior sales executive, Convergint Technologies. “We are often asked to team up with consulting firms to come up with technology to test. Some make it to the final design criteria and others don’t.” One recent project was seeking to understand the security of mobile credentials and how the data is encrypted, he says, although they are not implementing it at this point.

One thing utilities are on the forefront of, however, is cybersecurity. “They are creating security-centric IT teams,” Kieta says. “This is a subset of traditional IT services that either embeds itself with security or is dedicated to … creating standards for not just how they get deployed but what they will do to safeguard them once they are installed. We don’t see that in other industries.”

Utilities are farther along with cybersecurity because of their more formalized compliance structure, says Tyco’s Rick Focke. “They have had white papers and have had to respond to different issues and standards [around cyber],” he says. “They are more interested in biometrics, as well.”

One of the unique things about working in the utilities/critical infrastructure space, say integrators, is the level of commitment it takes to succeed. “You can’t just wake up tomorrow and decide to do it,” Kieta says. “It requires a large investment. Our service relationship with utilities is stronger than any other vertical we have. We have strategic discussions about how our service program supports their business. We meet with them on a quarterly basis and have reviews. It is a constant fine-tuning of that process.”

Utilities can be a very challenging client, LaRue says, because things move so fast. It is also important to be aware of safety. “There is a high possibility of injury or worse on these sites; continuous safety training and checks are critical,” he says.

“The installation of security technology is only one part to an effective security program,” Joralemon says. “We often find that it is necessary to go beyond just a technology solution and actively engage the customer to develop operating procedures, system and personnel performance reviews, and security education programs.”

HIGHER EDUCATION

At his freshman daughter’s college orientation, even integrator Darren Wieder, business development manager for Convergint Technologies LLC, was surprised to learn how much both access control and cybersecurity have become a part of daily life on campus.

“It is access to their room, their building, their school ID, it gets them food, laundry, McDonalds, Starbucks and checking in for tests. The single card is now doing everything.”

But what really surprised him was the cyber aspect. “You can’t just go sit and use the Internet. You have to register all your devices so they can monitor who you are and what you are doing.” Students even have to register video games and smart TVs, he adds.

“Higher education has a high density of door applications, meaning the traditional cost of deploying access control is expensive and cumbersome to manage,” says AMAG’s Justin Wilmas. That is why a larger reliance on the campus Wi-Fi, IT and wireless technology is much more typical in this vertical. “Most universities build their wireless IT infrastructure to support anywhere from five to 20 devices over time. That is a huge investment they are making, so why would you not bolt your access control onto that same investment?”

The proliferation of wireless locks on dorm room and classroom doors has been a big trend in recent years, says Tyco’s Rick Focke. Now some of those facilities are starting to look at what’s next; but the very ubiquity may hold some back. “In higher ed we are seeing trends to finally upgrade from old magnetic stripe cards. Some are interested in mobile credentials. There hasn’t been a groundswell, but it is coming. Most colleges like the one-card system and everything on the card is pretty entrenched. I see mobile being used as more of an extra credential. There will be movement, but there are so many infrastructure systems to change it will take a while.”

Still, the same elements driving the McDonalds and the Starbucks to campus may eventually play a role here.

“Schools are now using housing to compete for students,” says Vision Security Technologies’ Del Deason. “We are seeing granite countertops and condo-like facilities, and the same credential to get everywhere.” Deason reports in 2016 his company is just beginning to have some real inquiries about Bluetooth readers. This has surprised a few in the industry who see the university market as a prime target for the mobile phone as credential.

“Higher ed has always been very price-sensitive,” says Skip Sampson of KST. “The pricing model for secure mobile credentials is not at a point yet that it makes sense for large, higher education deployments. There is a cost associated with that technology that will come down in the future, but that is why adoption has been slower than we expected.”

Deason has seen more interest in biometrics, however, “particularly around athletics where kids are coming in from the football field and they don’t have their credentials on them.”

In some ways the university market is similar both to healthcare and to multi-family residential in that convenience and openness must live side-by-side with high security in certain areas. “Open campuses are unique because security directors must balance the need for an open environment with strong safety measures to protect students, faculty and staff,” says Vanderbilt’s Kane. “Integrators must be an advisor to schools to help them find the right balance.”

MULTI-FAMILY

A convergence of factors has resulted in the recent surge of the multi-family market sector.

“The way people are buying and owning property today is changing,” says Mark Duato of ASSA ABLOY. “Multi-family in the last five years has been a boom market, particularly in cities where security is of utmost concern.”

Multi-family units are often mixed-use buildings with retail on the bottom, perhaps offices in the middle and residential units on top, Duato explains. “The uniqueness of that is that traditional software manufacturers and security management products have been almost over-engineered for those types of applications, especially if the end user wants to maintain and service their own solution.”

Unlike in some of the other vertical sectors here, cloud, mobile and wireless are more likely to be the norm than an experiment in multi-family. And for property managers that do not want to self-manage the system, it also offers a logical RMR-based opportunity for integrators that offer that option.

“It’s where the smart money is going,” says Gregg Miller, president and CEO, ASCI Security & Fire, Irvine, Calif. “Everyone wants that ROI.”

Kastle Systems, Falls Church, Va., was founded on a managed access premise years ago and got its start in multi-tenant office facilities, but added multi-family several years ago. “It’s a really dynamic marketplace and there is so much innovation out there influenced by residential and consumer-oriented technology,” says David McGuinness, vice president of corporate strategy. “We have been serving this market for the past 10 to 12 years but really doubled down about three years ago with more tech investment.”

The general “theme” of multi-family is the notion of hospitality coming to where people live, he adds. “Through the years there has been an escalation of the amenity wars. Ten to 15 years ago key amenities were location, covered parking, a pool, and maybe a gym. Today it is much more hospitality-centric with roof decks, pet washing stations, dog runs, bike storage and repair, and more. What properties are doing to differentiate themselves is to focus on lifestyle and that has led to the adoption of access control across the community.”

The perception of security is one way to attract residents, Miller says, but what constitutes that has changed dramatically over the years. “When we first got into this a number of years ago it was, ‘How can we put a telephone call box out front?’ A couple of years ago we started to see concerns about resident entries and integrating that all into one package.”

Miller credits the online wireless lock with the change. “Without that you do not control a resident entry. You cannot hardwire 450 units.”

With access control, properties not only can make sure that residents are secure, but also rely on its powerful database, apps, wireless locks with or without mobile credentialing, and more, to allow property owners and residents to get the most out of the system.

“Say I am new to a city and don’t know anybody. How convenient is it if I could tell from my phone that there are people on the roof deck? That might cause me to go upstairs and meet my neighbors,” McGuinness says. “Leveraging access control data and expressing that through a user interface can trigger different types of decisions.”

McGuinness attributes the rise of this vertical to changing demographics. Millennials are more likely to be attracted to living in this type of environment, both socially and because buying a home has gotten tougher since the 2007 economic recession. On the flip side, baby boomers are retiring and heading to town. “All these factors have driven up demand, which in turn has driven up construction and all these properties have to compete and differentiate and are looking at security as a means of doing that,” McGuinness explains.

This vertical is much more likely to try new things, perhaps because of its residential influence, Miller says. “I think multi-family is much more apt to look at and experiment and run beta sites with [mobile credentials],” he says. “The smart home trend has also influenced it.”

The most important thing in this vertical is to seamlessly blend the security with the convenience, he adds. “It is really important to provide a solid level of security, with convenience, without turning the community into an institutional feel. This is still home to individuals, and that fact cannot be overlooked.”

Read the original article at SDM Magazine.